T-3002 · observed · active
Environment Variable Leakage
Access environment variables containing API keys, tokens, and connection strings
Tactic
Credential Harvest (Stage 3)
Extract API keys, tokens, and credentials from agent context and connected services
Attack Class
NEMO-CRED-LEAK
Unintended exposure of credentials through environment variables, logs, or error messages
Evidence
observed
Confirmed in real-world production systems or internet-wide exposure assessments.
DVAA Validation
env var leakage
Honeypot Coverage (AgentPwn)
Queued
In scope for honeypot observation; trap page or telemetry hook not yet built.
Trap page asking agent to dump env not yet built; HMA covers static detection.
Detection (HackMyAgent)
Live
4 live · 0 queued
ENV-001, ENV-002, ENV-003, ENV-004
npx hackmyagent secure --ci
Live = check implemented in hackmyagent; queued = declared, not yet implemented
Defense (OASB Controls)
Live
5 live · 0 queued
How to Cite
AI Agent Threat Matrix T-3002 (Environment Variable Leakage). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-3002